Hello Noir 👋🏼

Attack surface detector that identifies endpoints by static analysis

Noir partnered with OWASP in June 2024 and has since become OWASP Noir. Consequently, I have updated some parts of this post to reflect this change.

Hi all! I am excited to announce the release of my toy project called 'Noir' 🎉🚀

Noir is a source code analysis tool that identifies API endpoints, methods, parameters, and more within the source code, providing various formats of output. Today, I'll give you a brief description of this tool.

Installation

Currently, Noir can be installed through Homebrew or built from source. Please refer to the following commands.

Homebrew

brew install noir

From Source

# Install Crystal-lang
# https://crystal-lang.org/install/

# Clone this repo
git clone https://github.com/owasp-noir/noir
cd noir

# Install Dependencies
shards install

# Build
shards build --release --no-debug

# Copy binary
cp ./bin/noir /usr/bin/

Basic

The 'Basic' flags are the essential flags for an analysis run: they set the base directory, URL, and scope of the analysis.

  Basic:
    -b PATH, --base-path ./app       (Required) Set base path
    -u URL, --url http://..          Set base url for endpoints

The '-b' flag is required and specifies the base directory to analyze. By default, Noir detects the technologies used within that directory and runs the engine associated with each technology to perform the source code analysis.

noir -b <BASE-PATH>

Output Formats

The 'Output' flags configure how results are formatted, logged, and written.

  Output:
    -f FORMAT, --format json         Set output format
                                       * plain yaml json jsonl markdown-table
                                       * curl httpie oas2 oas3
                                       * only-url only-param only-header only-cookie
    -o PATH, --output out.txt        Write result to file

# Plain
noir -b . -u http://localhost:3000

# Curl
noir -b . -u http://localhost:3000 -f curl

# HTTPie
noir -b . -u http://localhost:3000 -f httpie

# JSON
noir -b . -u http://localhost:3000 -f json

# Markdown table
noir -b . -u http://localhost:3000 -f markdown-table

Example - Curl Format

Delivers

Through the 'Delivers' subflags, you can hand the results over to other tools.

  Deliver:
    --send-req                       Send the results to the web request
    --send-proxy http://proxy..      Send the results to the web request via http proxy

Noir to ZAP
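As an added illustration of what the output and deliver stages do (my own example code, not Noir's implementation; the endpoint records use a simple constructed shape rather than Noir's real JSON schema), the following Python renders a discovered endpoint list the way the `curl`, `markdown-table` and `only-url` formats do, and assembles the request that a `--send-req` style step would issue, routed through an intercepting proxy as `--send-proxy` does. The proxy address in the usage comment is only an assumed local ZAP listener, and "value" is a stand-in for parameter values that static analysis cannot know.

```python
import json
import shlex
import urllib.request
from urllib.parse import urlencode, urljoin

# Constructed endpoint records in an illustrative shape (not Noir's actual JSON schema).
ENDPOINTS = [
    {"method": "GET", "path": "/search",
     "params": [{"name": "q", "where": "query"}, {"name": "page", "where": "query"}]},
    {"method": "POST", "path": "/login",
     "params": [{"name": "username", "where": "json"}, {"name": "password", "where": "json"},
                {"name": "session", "where": "cookie"}, {"name": "X-Auth-Token", "where": "header"}]},
]

PLACEHOLDER = "value"   # static analysis finds names, not values, so every value is a stand-in

def build_request(ep, base_url):
    """Assemble method, URL, headers and body: the pieces a --send-req style deliver step needs."""
    by_kind = {}
    for p in ep["params"]:
        by_kind.setdefault(p["where"], []).append(p["name"])
    url = urljoin(base_url, ep["path"])          # the -u base URL joined with the discovered path
    if by_kind.get("query"):
        url += "?" + urlencode({n: PLACEHOLDER for n in by_kind["query"]})
    headers = {n: PLACEHOLDER for n in by_kind.get("header", [])}
    if by_kind.get("cookie"):
        headers["Cookie"] = "; ".join(f"{n}={PLACEHOLDER}" for n in by_kind["cookie"])
    body = None
    if by_kind.get("json"):
        headers["Content-Type"] = "application/json"
        body = json.dumps({n: PLACEHOLDER for n in by_kind["json"]})
    return {"method": ep["method"], "url": url, "headers": headers, "body": body}

def to_curl(ep, base_url):
    """Equivalent of -f curl for one endpoint; shlex.quote keeps the line safe to paste."""
    r = build_request(ep, base_url)
    parts = ["curl", "-X", r["method"], shlex.quote(r["url"])]
    for k, v in r["headers"].items():
        parts += ["-H", shlex.quote(f"{k}: {v}")]
    if r["body"] is not None:
        parts += ["-d", shlex.quote(r["body"])]
    return " ".join(parts)

def to_markdown_table(eps):
    """Equivalent of -f markdown-table."""
    rows = ["| Method | Path | Params |", "|---|---|---|"]
    for ep in eps:
        params = ", ".join(f"{p['name']} ({p['where']})" for p in ep["params"]) or "-"
        rows.append(f"| {ep['method']} | {ep['path']} | {params} |")
    return "\n".join(rows)

def to_only_url(eps, base_url):
    """Equivalent of -f only-url: deduplicated, sorted URLs without parameters."""
    return sorted({urljoin(base_url, ep["path"]) for ep in eps})

def proxy_opener(proxy_url):
    """Opener that sends every request through an intercepting proxy, as --send-proxy does."""
    handler = urllib.request.ProxyHandler({"http": proxy_url, "https": proxy_url})
    return urllib.request.build_opener(handler)

def send_all(eps, base_url, proxy_url=None):
    """Deliver every discovered endpoint to the target (directly, or via the proxy if given)."""
    opener = proxy_opener(proxy_url) if proxy_url else urllib.request.build_opener()
    for ep in eps:
        r = build_request(ep, base_url)
        data = r["body"].encode() if r["body"] is not None else None
        req = urllib.request.Request(r["url"], data=data, headers=r["headers"], method=r["method"])
        with opener.open(req, timeout=10) as resp:
            print(r["method"], r["url"], resp.status)

if __name__ == "__main__":
    base = "http://localhost:3000"
    print(to_markdown_table(ENDPOINTS))
    for ep in ENDPOINTS:
        print(to_curl(ep, base))
    # Assumed local ZAP listener; uncomment to deliver the requests through it.
    # send_all(ENDPOINTS, base, proxy_url="http://127.0.0.1:8080")
```

Separating `build_request` from the renderers mirrors why one analysis result can feed many formats: the discovered method, path and parameter kinds are the data, and curl lines, tables, or a proxy-routed request are just different views of it.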

Support Targets

https://owasp-noir.github.io/noir/supported

Final Remarks

Although there is still room for improvement, I am committed to making steady progress. So, please keep your expectations high!